Refactored (and disabled for PolarSSL) support for writing external cert files in scripts

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>

1 files changed, 5 insertions, 24 deletions

diff --git a/ssl_verify_openssl.c b/ssl_verify_openssl.c
index 8bcdc10..a8e2e49 100644
--- a/ssl_verify_openssl.c
+++ b/ssl_verify_openssl.c
@@ -515,34 +515,15 @@ x509_verify_cert_eku (X509 *x509, const char * const expected_oid)
   return fFound;
 }
 
-const char *
-x509_write_cert(X509 *peercert, const char *tmp_dir, struct gc_arena *gc)
+bool
+x509_write_pem(FILE *peercert_file, X509 *peercert)
 {
-  FILE *peercert_file;
-  const char *peercert_filename="";
-
-  if(!tmp_dir)
-      return NULL;
-
-  /* create tmp file to store peer cert */
-  peercert_filename = create_temp_file (tmp_dir, "pcf", gc);
-
-  /* write peer-cert in tmp-file */
-  peercert_file = fopen(peercert_filename, "w+");
-  if(!peercert_file)
-    {
-      msg (M_ERR, "Failed to open temporary file : %s", peercert_filename);
-      return NULL;
-    }
-  if(PEM_write_X509(peercert_file,peercert)<0)
+  if (PEM_write_X509(peercert_file, peercert) < 0)
     {
       msg (M_ERR, "Failed to write peer certificate in PEM format");
-      fclose(peercert_file);
-      return NULL;
+      return true;
     }
-
-  fclose(peercert_file);
-  return peercert_filename;
+  return false;
 }
 
 #endif /* OPENSSL_VERSION_NUMBER */